[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8b73a39a359b4523a053efd614cd7dd7@AcuMS.aculab.com>
Date: Fri, 30 Jun 2023 11:21:44 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Christian Brauner' <brauner@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>
CC: Kees Cook <keescook@...omium.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [GIT PULL] pid: use flex array
From: Christian Brauner
> Sent: 30 June 2023 09:04
...
> > And some of them are even ok. I don't think it's always wrong,
> > particularly if you then abstract it out.
> >
> > So doing something like that
> >
> > #define PCI_IOBASE ((void __iomem *)0)
> >
> > makes perfect sense. It's literally abstracting out something real (in
> > this case yes, it looks like a NULL pointer, but it's actually a
> > pointer with a strict type that just happens to have the value zero.
You can't do that, it doesn't work.
A NULL pointer is any constant integer expression that evaluates
to zero implicitly or explicitly converted to a pointer type.
The bit pattern used for a NULL pointer is implementation defined.
It is almost always 0, but the C language allows any invalid
value to be used - eg the 'all ones' pattern.
clang warns for 'PCI_IOBASE + 4'.
Probably because it only has the expected value if NULL is the
zero bit pattern - so it isn't portable.
If has to be said that I doubt gcc or clang support NULL being
other than the zero bit pattern.
Any C code that uses memset() to set a pointer to NULL is making
that assumption.
I have used a system where the native 'invalid pointer' was ~0
but the C port used zero.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists